siwe-rb 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 1344345a5daec54f2ab4b8e0da7dd6476561afd6669f23f4a85a8bdcdb2c751c
+  data.tar.gz: ba59b351b355dc16dffdd08ca99214f895acdaa933a492f746d4916634887b51
+SHA512:
+  metadata.gz: 0a3d065c0830b39ceb0d4b36650671cb7e92ad48907caa305219956d394c155f53fc322c91052b1609667ec6fefcadab23203449f311631d924977fbe525aab2
+  data.tar.gz: 47e4a640616be6de51ca67b78cf90650bbbc043ff9b3468021ae749fd0c5b403c7bc7d94b406dfc8b30735f869c7455898aee01fb2d251c5dfabed0e0849b7dc

data/CHANGELOG.md

@@ -0,0 +1,16 @@
+# Changelog
+
+## [0.1.0] — 2026-05-04
+
+Initial release of `siwe-rb`. Hard fork of the abandoned `siwe` gem (last published 0.1.0, 2021).
+
+- Modern Ruby (≥ 3.2), no Ruby 2.x cruft.
+- ABNF-aligned EIP-4361 parser; passes the shared `@signinwithethereum/test-vectors` suite (parsing, grammar, objects, verification).
+- 17-character alphanumeric nonce, matching the TypeScript reference (`Siwe.generate_nonce`).
+- Optional `scheme` field for `https://`-prefixed messages (ERC-4361 erratum).
+- Single structured `Siwe::Error` with 27 typed error codes (`Siwe::ErrorType`) and `expected:` / `received:` context, replacing the legacy one-class-per-error layout.
+- `Siwe::Response` value object returned by `Message#verify`; `Message#verify!` raises on failure for the common Rails-controller path.
+- ERC-1271 + EIP-6492 smart-wallet support via the off-chain universal validator (single `eth_call` covers deployed wallets like Safe and counterfactual wallets like Coinbase Smart Wallet).
+- Built-in `Siwe::Rpc::HttpClient` (Net::HTTP-based JSON-RPC) plus a duck-typed plug-in surface — drop in `web3.rb`, `eth-rpc`, or any object responding to `eth_call(to:, data:, block:)`.
+- Pluggable `Siwe::Adapter` (defaults to the `eth` gem) for crypto / signature recovery.
+- Modern toolchain: RuboCop, RSpec, WebMock, GitHub Actions matrix on Ruby 3.2 / 3.3 / 3.4, optional gated live-RPC integration job.

data/Gemfile

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+gemspec
+
+group :development, :test do
+  gem "rake", "~> 13.0"
+  gem "rspec", "~> 3.13"
+  gem "rubocop", "~> 1.65"
+  gem "simplecov", "~> 0.22"
+  gem "webmock", "~> 3.25"
+end

data/Gemfile.lock

@@ -0,0 +1,211 @@
+PATH
+  remote: .
+  specs:
+    siwe-rb (0.1.0)
+      eth (>= 0.5.11, < 1.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.9.0)
+      public_suffix (>= 2.0.2, < 8.0)
+    ast (2.4.3)
+    base64 (0.3.0)
+    bigdecimal (3.3.1)
+    bls12-381 (0.3.1)
+      bigdecimal
+      h2c (>= 0.2.1, < 0.3)
+    crack (1.0.1)
+      bigdecimal
+      rexml
+    diff-lcs (1.6.2)
+    docile (1.4.1)
+    ecdsa (1.2.0)
+    eth (0.5.17)
+      base64 (~> 0.1)
+      bigdecimal (~> 3.1)
+      bls12-381 (~> 0.3)
+      forwardable (~> 1.3)
+      httpx (~> 1.6)
+      keccak (~> 1.3)
+      konstructor (~> 1.0)
+      openssl (~> 3.3)
+      rbsecp256k1 (~> 6.0)
+      scrypt (~> 3.0)
+    ffi (1.17.4)
+    ffi (1.17.4-aarch64-linux-gnu)
+    ffi (1.17.4-aarch64-linux-musl)
+    ffi (1.17.4-arm-linux-gnu)
+    ffi (1.17.4-arm-linux-musl)
+    ffi (1.17.4-arm64-darwin)
+    ffi (1.17.4-x86-linux-gnu)
+    ffi (1.17.4-x86-linux-musl)
+    ffi (1.17.4-x86_64-darwin)
+    ffi (1.17.4-x86_64-linux-gnu)
+    ffi (1.17.4-x86_64-linux-musl)
+    ffi-compiler (1.4.2)
+      ffi (>= 1.15.5)
+      rake
+    forwardable (1.4.0)
+    h2c (0.2.1)
+      ecdsa (~> 1.2.0)
+    hashdiff (1.2.1)
+    http-2 (1.1.3)
+    httpx (1.7.6)
+      http-2 (>= 1.1.3)
+    json (2.19.5)
+    keccak (1.3.3)
+    konstructor (1.0.2)
+    language_server-protocol (3.17.0.5)
+    lint_roller (1.1.0)
+    mini_portile2 (2.8.9)
+    openssl (3.3.2)
+    parallel (2.1.0)
+    parser (3.3.11.1)
+      ast (~> 2.4.1)
+      racc
+    pkg-config (1.6.5)
+    prism (1.9.0)
+    public_suffix (7.0.5)
+    racc (1.8.1)
+    rainbow (3.1.1)
+    rake (13.4.2)
+    rbsecp256k1 (6.0.0)
+      mini_portile2 (~> 2.8)
+      pkg-config (~> 1.5)
+      rubyzip (~> 2.3)
+    regexp_parser (2.12.0)
+    rexml (3.4.4)
+    rspec (3.13.2)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.6)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.5)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.8)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.13.0)
+    rspec-support (3.13.7)
+    rubocop (1.86.1)
+      json (~> 2.3)
+      language_server-protocol (~> 3.17.0.2)
+      lint_roller (~> 1.1.0)
+      parallel (>= 1.10)
+      parser (>= 3.3.0.2)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 2.9.3, < 3.0)
+      rubocop-ast (>= 1.49.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 2.4.0, < 4.0)
+    rubocop-ast (1.49.1)
+      parser (>= 3.3.7.2)
+      prism (~> 1.7)
+    ruby-progressbar (1.13.0)
+    rubyzip (2.4.1)
+    scrypt (3.1.0)
+      ffi-compiler (>= 1.0, < 2.0)
+      rake (~> 13)
+    simplecov (0.22.0)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-html (0.13.2)
+    simplecov_json_formatter (0.1.4)
+    unicode-display_width (3.2.0)
+      unicode-emoji (~> 4.1)
+    unicode-emoji (4.2.0)
+    webmock (3.26.2)
+      addressable (>= 2.8.0)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
+
+PLATFORMS
+  aarch64-linux-gnu
+  aarch64-linux-musl
+  arm-linux-gnu
+  arm-linux-musl
+  arm64-darwin
+  ruby
+  x86-linux-gnu
+  x86-linux-musl
+  x86_64-darwin
+  x86_64-linux-gnu
+  x86_64-linux-musl
+
+DEPENDENCIES
+  rake (~> 13.0)
+  rspec (~> 3.13)
+  rubocop (~> 1.65)
+  simplecov (~> 0.22)
+  siwe-rb!
+  webmock (~> 3.25)
+
+CHECKSUMS
+  addressable (2.9.0) sha256=7fdf6ac3660f7f4e867a0838be3f6cf722ace541dd97767fa42bc6cfa980c7af
+  ast (2.4.3) sha256=954615157c1d6a382bc27d690d973195e79db7f55e9765ac7c481c60bdb4d383
+  base64 (0.3.0) sha256=27337aeabad6ffae05c265c450490628ef3ebd4b67be58257393227588f5a97b
+  bigdecimal (3.3.1) sha256=eaa01e228be54c4f9f53bf3cc34fe3d5e845c31963e7fcc5bedb05a4e7d52218
+  bls12-381 (0.3.1) sha256=d1525cd319c53f14178d54f355dfe1b4c572fbf5625965c1afccdc425b9896dc
+  crack (1.0.1) sha256=ff4a10390cd31d66440b7524eb1841874db86201d5b70032028553130b6d4c7e
+  diff-lcs (1.6.2) sha256=9ae0d2cba7d4df3075fe8cd8602a8604993efc0dfa934cff568969efb1909962
+  docile (1.4.1) sha256=96159be799bfa73cdb721b840e9802126e4e03dfc26863db73647204c727f21e
+  ecdsa (1.2.0) sha256=b8f7c9541b6c587cbe37e705a1b76be6dc1e85336aa23ac3cf2f07b038bcec55
+  eth (0.5.17) sha256=5be9caa85b0643613010ae33c92e746a02ce376a35245e6eb5f491e80531f137
+  ffi (1.17.4) sha256=bcd1642e06f0d16fc9e09ac6d49c3a7298b9789bcb58127302f934e437d60acf
+  ffi (1.17.4-aarch64-linux-gnu) sha256=b208f06f91ffd8f5e1193da3cae3d2ccfc27fc36fba577baf698d26d91c080df
+  ffi (1.17.4-aarch64-linux-musl) sha256=9286b7a615f2676245283aef0a0a3b475ae3aae2bb5448baace630bb77b91f39
+  ffi (1.17.4-arm-linux-gnu) sha256=d6dbddf7cb77bf955411af5f187a65b8cd378cb003c15c05697f5feee1cb1564
+  ffi (1.17.4-arm-linux-musl) sha256=9d4838ded0465bef6e2426935f6bcc93134b6616785a84ffd2a3d82bc3cf6f95
+  ffi (1.17.4-arm64-darwin) sha256=19071aaf1419251b0a46852abf960e77330a3b334d13a4ab51d58b31a937001b
+  ffi (1.17.4-x86-linux-gnu) sha256=38e150df5f4ca555e25beca4090823ae09657bceded154e3c52f8631c1ed72cf
+  ffi (1.17.4-x86-linux-musl) sha256=fbeec0fc7c795bcf86f623bb18d31ea1820f7bd580e1703a3d3740d527437809
+  ffi (1.17.4-x86_64-darwin) sha256=aa70390523cf3235096cf64962b709b4cfbd5c082a2cb2ae714eb0fe2ccda496
+  ffi (1.17.4-x86_64-linux-gnu) sha256=9d3db14c2eae074b382fa9c083fe95aec6e0a1451da249eab096c34002bc752d
+  ffi (1.17.4-x86_64-linux-musl) sha256=3fdf9888483de005f8ef8d1cf2d3b20d86626af206cbf780f6a6a12439a9c49e
+  ffi-compiler (1.4.2) sha256=a9d69d5d9ced6f64776ddafa535867ad90e5740ad37bed7afb4de6e450da126e
+  forwardable (1.4.0) sha256=f1cd40cc9812937980e1c76f1aa053660990a7c9b6a98fc37d945468afcce838
+  h2c (0.2.1) sha256=a53b7dfeb95660c97b615235ea1b29ec8e1856edc571845685682d94b6e8e227
+  hashdiff (1.2.1) sha256=9c079dbc513dfc8833ab59c0c2d8f230fa28499cc5efb4b8dd276cf931457cd1
+  http-2 (1.1.3) sha256=1b2f379d35a11dbae94f8a1a52c053d8c161eb4a0c98b5d1605ff1b2bf171c9c
+  httpx (1.7.6) sha256=82d825abc9876a132adc3492c56a0c528478ac238dd6f74d3422ab0036c6b5c8
+  json (2.19.5) sha256=218a18553e4801d579ca7e0f5bc72bafd776d7397238a1fb4e74db5b0a812c59
+  keccak (1.3.3) sha256=970dcb1e78b8c3129ba2baff8a5baa5cebf391136db1f4018e8ccc9130794557
+  konstructor (1.0.2) sha256=fd6ac9eb1dadc1e520e06042aa2ef0122d6a070e06cde86db5a54c0c7bfe2e31
+  language_server-protocol (3.17.0.5) sha256=fd1e39a51a28bf3eec959379985a72e296e9f9acfce46f6a79d31ca8760803cc
+  lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87
+  mini_portile2 (2.8.9) sha256=0cd7c7f824e010c072e33f68bc02d85a00aeb6fce05bb4819c03dfd3c140c289
+  openssl (3.3.2) sha256=7f4e01215dc9c4be1fca71d692406be3e6340b39c1f71a47fea9c497decd0f6c
+  parallel (2.1.0) sha256=b35258865c2e31134c5ecb708beaaf6772adf9d5efae28e93e99260877b09356
+  parser (3.3.11.1) sha256=d17ace7aabe3e72c3cc94043714be27cc6f852f104d81aa284c2281aecc65d54
+  pkg-config (1.6.5) sha256=33f9f81c5322983d22b439b8b672f27777b406fea23bfec74ff14bbeb42ec733
+  prism (1.9.0) sha256=7b530c6a9f92c24300014919c9dcbc055bf4cdf51ec30aed099b06cd6674ef85
+  public_suffix (7.0.5) sha256=1a8bb08f1bbea19228d3bed6e5ed908d1cb4f7c2726d18bd9cadf60bc676f623
+  racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f
+  rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a
+  rake (13.4.2) sha256=cb825b2bd5f1f8e91ca37bddb4b9aaf345551b4731da62949be002fa89283701
+  rbsecp256k1 (6.0.0) sha256=d38f563bfc6bcf3ce20c336a4798cc6990427f291e74c6817360363a72f11669
+  regexp_parser (2.12.0) sha256=35a916a1d63190ab5c9009457136ae5f3c0c7512d60291d0d1378ba18ce08ebb
+  rexml (3.4.4) sha256=19e0a2c3425dfbf2d4fc1189747bdb2f849b6c5e74180401b15734bc97b5d142
+  rspec (3.13.2) sha256=206284a08ad798e61f86d7ca3e376718d52c0bc944626b2349266f239f820587
+  rspec-core (3.13.6) sha256=a8823c6411667b60a8bca135364351dda34cd55e44ff94c4be4633b37d828b2d
+  rspec-expectations (3.13.5) sha256=33a4d3a1d95060aea4c94e9f237030a8f9eae5615e9bd85718fe3a09e4b58836
+  rspec-mocks (3.13.8) sha256=086ad3d3d17533f4237643de0b5c42f04b66348c28bf6b9c2d3f4a3b01af1d47
+  rspec-support (3.13.7) sha256=0640e5570872aafefd79867901deeeeb40b0c9875a36b983d85f54fb7381c47c
+  rubocop (1.86.1) sha256=44415f3f01d01a21e01132248d2fd0867572475b566ca188a0a42133a08d4531
+  rubocop-ast (1.49.1) sha256=4412f3ee70f6fe4546cc489548e0f6fcf76cafcfa80fa03af67098ffed755035
+  ruby-progressbar (1.13.0) sha256=80fc9c47a9b640d6834e0dc7b3c94c9df37f08cb072b7761e4a71e22cff29b33
+  rubyzip (2.4.1) sha256=8577c88edc1fde8935eb91064c5cb1aef9ad5494b940cf19c775ee833e075615
+  scrypt (3.1.0) sha256=67fde35bc7e3b7fe906c5be9c242acf95fe4a886c89572f405f6b11df30aa6af
+  simplecov (0.22.0) sha256=fe2622c7834ff23b98066bb0a854284b2729a569ac659f82621fc22ef36213a5
+  simplecov-html (0.13.2) sha256=bd0b8e54e7c2d7685927e8d6286466359b6f16b18cb0df47b508e8d73c777246
+  simplecov_json_formatter (0.1.4) sha256=529418fbe8de1713ac2b2d612aa3daa56d316975d307244399fa4838c601b428
+  siwe-rb (0.1.0)
+  unicode-display_width (3.2.0) sha256=0cdd96b5681a5949cdbc2c55e7b420facae74c4aaf9a9815eee1087cb1853c42
+  unicode-emoji (4.2.0) sha256=519e69150f75652e40bf736106cfbc8f0f73aa3fb6a65afe62fefa7f80b0f80f
+  webmock (3.26.2) sha256=774556f2ea6371846cca68c01769b2eac0d134492d21f6d0ab5dd643965a4c90
+
+BUNDLED WITH
+  4.0.3

data/LICENSE-MIT

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 EthID.org
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,142 @@
+# siwe-rb
+
+Sign-In with Ethereum (EIP-4361) for Ruby — message construction, parsing, and signature verification, with built-in support for ERC-1271 and EIP-6492 smart contract wallets.
+
+`siwe-rb` is the Ruby companion to the [TypeScript](https://github.com/signinwithethereum/siwe), [Python](https://github.com/signinwithethereum/siwe-py), and [Rust](https://github.com/signinwithethereum/siwe-rs) implementations under the [@signinwithethereum](https://github.com/signinwithethereum) organisation. It runs against the same shared test-vector suite.
+
+## Installation
+
+```ruby
+# Gemfile
+gem "siwe-rb", "~> 0.1"
+```
+
+```ruby
+require "siwe"
+```
+
+Requires Ruby ≥ 3.2.
+
+## Usage
+
+### Construct and sign a message
+
+```ruby
+require "siwe"
+require "eth"
+
+key = Eth::Key.new
+
+message = Siwe::Message.new(
+  domain:     "example.com",
+  address:    key.address.to_s,
+  uri:        "https://example.com/login",
+  chain_id:   1,
+  nonce:      Siwe.generate_nonce,
+  issued_at:  Time.now.utc.iso8601,
+  statement:  "Sign in to example.com"
+)
+
+text      = message.prepare_message  # → EIP-4361 message string
+signature = key.personal_sign(text)
+```
+
+### Parse a message
+
+```ruby
+message = Siwe::Message.parse(text)
+message.domain    # => "example.com"
+message.address   # => "0x..."
+message.warnings  # => [] (e.g. ["address is not EIP-55 checksummed - 0x…"])
+```
+
+### Verify a signature
+
+`verify` returns a `Siwe::Response`; `verify!` raises a `Siwe::Error` on failure.
+
+```ruby
+response = message.verify(
+  signature: signature,
+  domain:    "example.com",
+  nonce:     message.nonce
+)
+
+if response.success?
+  # signed in
+else
+  Rails.logger.warn("siwe failed: #{response.error.type}")
+end
+
+# or, idiomatic Ruby:
+message.verify!(signature: signature, domain: "example.com", nonce: message.nonce)
+```
+
+### Smart-wallet support (ERC-1271, EIP-6492)
+
+Configure an Ethereum RPC URL once at boot, and `verify` will automatically fall through to a single deploy-and-call against the EIP-6492 universal validator when EOA recovery fails. This handles both deployed ERC-1271 wallets (e.g. Safe) and counterfactual EIP-6492-wrapped signatures (e.g. Coinbase Smart Wallet) in one call.
+
+```ruby
+Siwe.configure do |c|
+  c.rpc_url = ENV["ETH_RPC_URL"]   # e.g. https://ethereum-rpc.publicnode.com
+end
+
+message.verify!(signature: sig, domain: "example.com", nonce: message.nonce)
+```
+
+You can also pass an RPC client per call, or inject your own client (anything responding to `eth_call(to:, data:, block:)`):
+
+```ruby
+custom_rpc = MyOwnRpcClient.new(...)
+config     = Siwe::Config.new(rpc: custom_rpc)
+message.verify!(signature: sig, domain: domain, nonce: nonce, config: config)
+```
+
+### Error handling
+
+All failures raise (or, for `verify`, surface as `response.error`) a single `Siwe::Error` carrying a `type` symbol from `Siwe::ErrorType`:
+
+```ruby
+begin
+  message.verify!(signature: sig, domain: domain, nonce: nonce)
+rescue Siwe::Error => e
+  case e.type
+  when :expired_message       then render_expired
+  when :nonce_mismatch        then render_replay
+  when :invalid_signature     then render_unauthorized
+  when :rpc_error             then retry_or_fail
+  else                             render_generic_error
+  end
+end
+```
+
+The full set of error types mirrors `SiweErrorType` in the TypeScript reference (27 codes including the Ruby-specific `:rpc_error`). See `lib/siwe/error_type.rb`.
+
+## Comparison with the TypeScript implementation
+
+| Feature                            | TS            | Ruby           |
+| ---------------------------------- | ------------- | -------------- |
+| EIP-4361 v1 parsing & rendering    | ✓             | ✓              |
+| Optional `scheme` field            | ✓             | ✓              |
+| EIP-55 checksum + warning          | ✓             | ✓              |
+| 17-char alphanumeric nonce         | ✓             | ✓              |
+| `verify` / response object         | Promise       | sync `Response`|
+| EOA verification                   | ✓             | ✓              |
+| ERC-1271 verification              | ✓ (via viem)  | ✓ (built-in)   |
+| EIP-6492 verification              | ✓ (via viem)  | ✓ (built-in)   |
+| Pluggable provider                 | viem / ethers | duck-typed RPC |
+| Shared test-vector suite           | ✓             | ✓              |
+
+## Development
+
+```bash
+git submodule update --init    # pulls in the shared test-vectors repo
+bundle install
+bundle exec rake               # runs rspec + rubocop
+
+# Live RPC integration tests (Argent, Loopring, EIP-6492 universal validator):
+SIWE_RPC_URL=https://ethereum-rpc.publicnode.com bundle exec rspec --tag live_rpc
+```
+
+## License
+
+MIT or Apache-2.0, at your option.

data/Rakefile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+require "rubocop/rake_task"
+
+RuboCop::RakeTask.new
+
+task default: %i[spec rubocop]

data/lib/siwe/adapter.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require "eth"
+
+require_relative "error"
+require_relative "error_type"
+
+module Siwe
+  module Adapter
+    # Default crypto adapter using the eth gem.
+    # Implements the SiweConfig interface from the TS reference implementation:
+    # verify_message → recover signer address from EIP-191 signed message
+    # hash_message → EIP-191 personal_sign hash
+    # get_address → normalize to EIP-55 checksum address
+    class EthGem
+      def verify_message(message, signature)
+        public_key = Eth::Signature.personal_recover(message, signature)
+        Eth::Util.public_key_to_address(public_key).to_s
+      end
+
+      def hash_message(message)
+        prefixed = Eth::Signature.prefix_message(message)
+        Eth::Util.keccak256(prefixed)
+      end
+
+      def get_address(addr)
+        Eth::Address.new(addr).to_s
+      end
+    end
+
+    DEFAULT = EthGem.new
+  end
+end

data/lib/siwe/config.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require_relative "adapter"
+
+module Siwe
+  # Verification config — pluggable adapter (crypto), RPC URL or RPC client (smart wallet),
+  # and optional verification fallback.
+  #
+  # Set globally via Siwe.configure { |c| ... } or per-call as `verify(config: ...)`.
+  class Config
+    attr_reader :rpc_url, :rpc, :adapter, :verification_fallback
+
+    def initialize(rpc_url: nil, rpc: nil, adapter: nil, verification_fallback: nil)
+      @rpc_url = rpc_url
+      @rpc = rpc
+      @adapter = adapter || Siwe::Adapter::DEFAULT
+      @verification_fallback = verification_fallback
+    end
+
+    def to_h
+      {
+        rpc_url: @rpc_url,
+        rpc: @rpc,
+        adapter: @adapter,
+        verification_fallback: @verification_fallback
+      }
+    end
+
+    # Mutable struct used inside Siwe.configure { |c| c.rpc_url = ... }.
+    # Caller mutates fields, then build returns a frozen Config.
+    class Builder
+      attr_accessor :rpc_url, :rpc, :adapter, :verification_fallback
+
+      def initialize(rpc_url: nil, rpc: nil, adapter: nil, verification_fallback: nil)
+        @rpc_url = rpc_url
+        @rpc = rpc
+        @adapter = adapter
+        @verification_fallback = verification_fallback
+      end
+
+      def build
+        Config.new(
+          rpc_url: @rpc_url,
+          rpc: @rpc,
+          adapter: @adapter,
+          verification_fallback: @verification_fallback
+        )
+      end
+    end
+  end
+end

data/lib/siwe/eip6492.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Siwe
+  # EIP-6492 — Signatures for Predeploy Contracts.
+  #
+  # Wraps an inner ERC-1271 signature with a deploy-and-call shim so that signers
+  # whose contract has not yet been deployed can still produce verifiable signatures.
+  # See https://eips.ethereum.org/EIPS/eip-6492.
+  module Eip6492
+    # 32-byte magic suffix appended to EIP-6492 wrapped signatures.
+    MAGIC_SUFFIX = "6492649264926492649264926492649264926492649264926492649264926492"
+
+    # ERC-1271 magic value returned by `isValidSignature(bytes32,bytes)`.
+    EIP1271_MAGIC_VALUE = "1626ba7e"
+
+    # Off-chain universal signature validator. Deployed via eth_call (no actual
+    # deployment) to verify EOA, ERC-1271, and EIP-6492 signatures in one call.
+    #
+    # Constructor: (address signer, bytes32 hash, bytes signature)
+    # Returns: 0x01 if valid, 0x00 if invalid.
+    #
+    # Source: viem `erc6492SignatureValidatorByteCode`. Mirror of
+    # libs/ts/packages/siwe/lib/eip6492.ts:16. Without the 0x prefix.
+    # rubocop:disable Layout/LineLength
+    VALIDATOR_BYTECODE = "608060405234801561001057600080fd5b5060405161069438038061069483398101604081905261002f9161051e565b600061003c848484610048565b9050806000526001601ff35b60007f64926492649264926492649264926492649264926492649264926492649264926100748361040c565b036101e7576000606080848060200190518101906100929190610577565b60405192955090935091506000906001600160a01b038516906100b69085906105dd565b6000604051808303816000865af19150503d80600081146100f3576040519150601f19603f3d011682016040523d82523d6000602084013e6100f8565b606091505b50509050876001600160a01b03163b60000361016057806101605760405162461bcd60e51b815260206004820152601e60248201527f5369676e617475726556616c696461746f723a206465706c6f796d656e74000060448201526064015b60405180910390fd5b604051630b135d3f60e11b808252906001600160a01b038a1690631626ba7e90610190908b9087906004016105f9565b602060405180830381865afa1580156101ad573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906101d19190610633565b6001600160e01b03191614945050505050610405565b6001600160a01b0384163b1561027a57604051630b135d3f60e11b808252906001600160a01b03861690631626ba7e9061022790879087906004016105f9565b602060405180830381865afa158015610244573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102689190610633565b6001600160e01b031916149050610405565b81516041146102df5760405162461bcd60e51b815260206004820152603a602482015260008051602061067483398151915260448201527f3a20696e76616c6964207369676e6174757265206c656e6774680000000000006064820152608401610157565b6102e7610425565b5060208201516040808401518451859392600091859190811061030c5761030c61065d565b016020015160f81c9050601b811480159061032b57508060ff16601c14155b1561038c5760405162461bcd60e51b815260206004820152603b602482015260008051602061067483398151915260448201527f3a20696e76616c6964207369676e617475726520762076616c756500000000006064820152608401610157565b60408051600081526020810180835289905260ff83169181019190915260608101849052608081018390526001600160a01b0389169060019060a0016020604051602081039080840390855afa1580156103ea573d6000803e3d6000fd5b505050602060405103516001600160a01b0316149450505050505b9392505050565b600060208251101561041d57600080fd5b508051015190565b60405180606001604052806003906020820280368337509192915050565b6001600160a01b038116811461045857600080fd5b50565b634e487b7160e01b600052604160045260246000fd5b60005b8381101561048c578181015183820152602001610474565b50506000910152565b600082601f8301126104a657600080fd5b81516001600160401b038111156104bf576104bf61045b565b604051601f8201601f19908116603f011681016001600160401b03811182821017156104ed576104ed61045b565b60405281815283820160200185101561050557600080fd5b610516826020830160208701610471565b949350505050565b60008060006060848603121561053357600080fd5b835161053e81610443565b6020850151604086015191945092506001600160401b0381111561056157600080fd5b61056d86828701610495565b9150509250925092565b60008060006060848603121561058c57600080fd5b835161059781610443565b60208501519093506001600160401b038111156105b357600080fd5b6105bf86828701610495565b604086015190935090506001600160401b0381111561056157600080fd5b600082516105ef818460208701610471565b9190910192915050565b828152604060208201526000825180604084015261061e816060850160208701610471565b601f01601f1916919091016060019392505050565b60006020828403121561064557600080fd5b81516001600160e01b03198116811461040557600080fd5b634e487b7160e01b600052603260045260246000fdfe5369676e617475726556616c696461746f72237265636f7665725369676e6572"
+    # rubocop:enable Layout/LineLength
+
+    # Predicate: does this signature carry the EIP-6492 magic suffix?
+    def self.signature?(hex)
+      return false if hex.nil?
+
+      stripped = hex.start_with?("0x") ? hex[2..] : hex
+      return false if stripped.length < MAGIC_SUFFIX.length
+
+      stripped.end_with?(MAGIC_SUFFIX)
+    end
+  end
+end

data/lib/siwe/error.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+require_relative "error_type"
+
+module Siwe
+  class Error < StandardError
+    attr_reader :type, :expected, :received
+
+    def initialize(type, expected: nil, received: nil, message: nil)
+      raise ArgumentError, "unknown SIWE error type: #{type.inspect}" unless ErrorType::MESSAGES.key?(type)
+
+      @type = type
+      @expected = expected
+      @received = received
+      super(message || ErrorType::MESSAGES.fetch(type))
+    end
+
+    def to_h
+      { type: @type, expected: @expected, received: @received, message: message }
+    end
+  end
+end

data/lib/siwe/error_type.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+module Siwe
+  module ErrorType
+    EXPIRED_MESSAGE            = :expired_message
+    INVALID_DOMAIN             = :invalid_domain
+    SCHEME_MISMATCH            = :scheme_mismatch
+    DOMAIN_MISMATCH            = :domain_mismatch
+    NONCE_MISMATCH             = :nonce_mismatch
+    URI_MISMATCH               = :uri_mismatch
+    CHAIN_ID_MISMATCH          = :chain_id_mismatch
+    REQUEST_ID_MISMATCH        = :request_id_mismatch
+    INVALID_ADDRESS            = :invalid_address
+    INVALID_URI                = :invalid_uri
+    INVALID_NONCE              = :invalid_nonce
+    NOT_YET_VALID_MESSAGE      = :not_yet_valid_message
+    INVALID_SIGNATURE          = :invalid_signature
+    INVALID_SIGNATURE_CHAIN_ID = :invalid_signature_chain_id
+    INVALID_TIME_FORMAT        = :invalid_time_format
+    INVALID_MESSAGE_VERSION    = :invalid_message_version
+    UNABLE_TO_PARSE            = :unable_to_parse
+    MISSING_DOMAIN             = :missing_domain
+    MISSING_NONCE              = :missing_nonce
+    MISSING_URI                = :missing_uri
+    MISSING_CHAIN_ID           = :missing_chain_id
+    MISSING_CONFIG             = :missing_config
+    MISSING_PROVIDER_LIBRARY   = :missing_provider_library
+    NONCE_GENERATION_FAILED    = :nonce_generation_failed
+    INVALID_PARAMS             = :invalid_params
+    MALFORMED_MESSAGE          = :malformed_message
+    RPC_ERROR                  = :rpc_error
+
+    MESSAGES = {
+      EXPIRED_MESSAGE => "Expired message.",
+      INVALID_DOMAIN => "Invalid domain.",
+      SCHEME_MISMATCH => "Scheme does not match provided scheme for verification.",
+      DOMAIN_MISMATCH => "Domain does not match provided domain for verification.",
+      NONCE_MISMATCH => "Nonce does not match provided nonce for verification.",
+      URI_MISMATCH => "URI does not match provided URI for verification.",
+      CHAIN_ID_MISMATCH => "Chain ID does not match provided chain ID for verification.",
+      REQUEST_ID_MISMATCH => "Request ID does not match provided request ID for verification.",
+      INVALID_ADDRESS => "Invalid address.",
+      INVALID_URI => "URI does not conform to RFC 3986.",
+      INVALID_NONCE => "Nonce size smaller than 8 characters or is not alphanumeric.",
+      NOT_YET_VALID_MESSAGE => "Message is not valid yet.",
+      INVALID_SIGNATURE => "Signature does not match address of the message.",
+      INVALID_SIGNATURE_CHAIN_ID => "Contract wallet verification provider chain does not match message chain ID.",
+      INVALID_TIME_FORMAT => "Invalid time format.",
+      INVALID_MESSAGE_VERSION => "Invalid message version.",
+      UNABLE_TO_PARSE => "Unable to parse the message.",
+      MISSING_DOMAIN => "Domain is required for verification.",
+      MISSING_NONCE => "Nonce is required for verification.",
+      MISSING_URI => "URI is required in strict mode.",
+      MISSING_CHAIN_ID => "Chain ID is required in strict mode.",
+      MISSING_CONFIG => "No verification configuration found.",
+      MISSING_PROVIDER_LIBRARY => "Required provider library is not installed.",
+      NONCE_GENERATION_FAILED => "Nonce generation failed.",
+      INVALID_PARAMS => "Invalid parameters passed to verify.",
+      MALFORMED_MESSAGE => "Message could not be prepared for signing.",
+      RPC_ERROR => "RPC call failed."
+    }.freeze
+
+    ALL = MESSAGES.keys.freeze
+  end
+end